Accessing Remote desktop through Nat network

I have situation where i have 2 isolated network
let me explain more about the 2 networks first.
- both network have their own Internet provider
- each network configured to block any incoming traffic but allow any outgoing traffic to the Internet.
- one of the network allow only out going traffic through proxy.
- both network uses NAT.

i have 2 systems one in each network (both windows xp)  and have Remote desktop running on it
since i can't change the configuration of the network on the Internet gateway i can't setup port forwarding for it

what i want is to be able to access the machine  in the other network using remote desktop ?
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

you will need to configure the NAT entries on each network to allow port 3389 through and map the port to the ip address of the server/pc inside each network. Also, you will need to enable the 'Allow users to connect remotely to this computer' check box in the 'Remote' tab of System properties on each PC that you want to access via Remote Desktop.

Hope this helps
WaielEidAuthor Commented:
That is the problem i can't change the configuration or enable any ports/ or even setup a prot forward on  the firewall/gateway ..

i was thinking of adding a third machine on the net that both machine connect to but i don't know how. or what software can help
I'm not sure in your current configuration if you could do this without access to the gateway or NAT entries. If you added a third machine, it would have to have an O/S that has NAT server capability such as Windows 2000/2003 Server and then you could configure your NAT entries there, although you would then still need to change the gateway addresses on both networks to point to this new server and it seems like a fairly expensive route to go to be honest.

you could try using some other free remote access programs and see if they can get through the firewall/gateway such as VNC ( or RAdmin ( although if the firewall is setup any way correctly, then I can't see it allowing these through either.
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

Sam PanwarSr. Server AdministratorCommented:
IF you want to remote access to other network then you must have

1. A user and password of the network user which have the permission of remote desktop or terminal service on both networks.
2. You have a gateway server or you make any computer to a gateway pc which route your IP address means you can use the remote and routing service on both gateway. Which is NAT your request?
3. If you are using the proxy server then you can have the allow terminal service port 3389 enabled .
4. IF you have firewall then also check the port and ip range

I think your problem resolved
WaielEidAuthor Commented:
Still i know this
let me clear it more.
I have no access to any of the Gateway / proxy configuration .. that's why i can't set any ports on the gateway or the proxy.
the idea i got is to have the 2 systems report to a third system on the net  ( since only outgoing traffic is allowed ) .
the third machine will act as a switch between them and transfer the the data coming from both to each other.

Is there away to do this by any application or port forwarding application for windows xp !?
If both machines are going to connect to that machine out on the net using RDP, your only change is to set up that machine on the net to use a different port than 3389... maybe something like 8080 since it's a web port. Other than that though, you're pretty much screwed since you have no control over the network. (Not really sure of your intention, so I'm not really going to list that piece in here)

But it sounds like chances are the network operators are blocking access to that port when it's going outside of the network. That's something you obviously won't be able to change. However, if they're blocking RDP traffic, period, then you can't use remote desktop.
Rob WilliamsCommented:
If you cannot re-configure the hardware, an alternative may be to use a relatively new, free, 3rd party, VPN server/client, called Hamachi.  Hamachi requires no configuration of ports on a firewall or other devices such as remote desktop, VNC, RAdmin do. It makes 2 out going connections from both systems to a 3rd party server, which coordinates the handshaking, and then sends them on their merry way. Because the initial requests are outgoing connections, no firewall modifications are required to configure incoming connections. If you have added specific outgoing firewall or proxy blocking rules this may not be possible. Once Hamachi has established the VPN connection, all ports within the VPN are open as if you were on the local network. Therefore you can then use remote desktop, file sharing, or other services you require. You may want to have a look. It is very simple to set up:
If you wish to run it as a service there is a paid version or you can do so with a couple of little Microsoft apps and changes:
see batch file near end:

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
WaielEidAuthor Commented:
Thanks Robwill
i was thinking about VPN connection to the server on the net
hamachi is really a good sloution for it

THanks again
Rob WilliamsCommented:
Thanks WaielEid.  
Hamachi should work well so long as someone has not intentionally added out going filters to block it. No default rule should cause a problem. Using the Windows Server VPN won't likely work either, as it requires port forwarding, so you are quite limited.

Good luck,
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.